12 matches found
Cross-site Scripting
form-to-database is vulnerable to Cross-Site Scripting. The vulnerability is due to improper handling of form values, where non-string inputs were not sanitized or safely normalized, and attackers can exploit this by injecting malicious JavaScript that executes when the data is rendered...
EUVD-2025-29543
Malicious code in bioql PyPI...
CVE-2025-10316
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
GHSA-54PG-2X9H-CMX8 TYPO3 "Form to Database" extension susceptible to Cross-site Scripting
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
TYPO3 "Form to Database" extension susceptible to Cross-site Scripting
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the formtodatabase exten. An attacker can execute arbitrary scripts in the context of the user's browser by injecting malicious input. Details Cross-site scripting or XSS is a code vulnerability that occurs...
CVE-2025-10316
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database)
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
CVE-2025-10316
CVE-2025-10316 affects the TYPO3 extension Form to Database (form_to_database). The issue is Cross-Site Scripting due to insufficient handling of form values, allowing injection of malicious scripts when data is rendered. Affected versions are: before 2.2.5; 3.0.0–3.2.1; 4.0.0–4.2.2; 5.0.0–5.0.1....
CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database)
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
TYPO3 Form to Database 安全漏洞
TYPO3 Form to Database is an open source database extension for TYPO3. A security vulnerability exists in TYPO3 Form to Database, which is vulnerable to cross-site scripting attacks. The following versions are affected: versions prior to 2.2.5, versions 3.0.0 through 3.2.2, versions 4.0.0 through...
PT-2025-37914
Name of the Vulnerable Software and Affected Versions: Form to Database versions prior to 2.2.5 Form to Database versions 3.0.0 through 3.2.2 Form to Database versions 4.0.0 through 4.2.3 Form to Database versions 5.0.0 through 5.0.2 Description: The extension "Form to Database" is susceptible to...